[Samba] Re: Trusted domain user login

Carlos Lorenzo Matés clmates at mundo-r.com
Thu Jan 31 19:32:28 GMT 2008 

Hi.



El Jueves, 31 de Enero de 2008, Carlos Lorenzo Matés escribió:
> Hi.
>
> El Miércoles, 30 de Enero de 2008, Thorkil Olesen escribió:
> > Carlos Lorenzo Matés <clmates <at> mundo-r.com> writes:
> > > > Maybe you should try:
> > > >
> > > > wbinfo -a NTDOMAIN\\clorenzo%myrealpassword
> > >
> > > This was my first try and it says exactly the same.
> >
> > Well, that should work.
> >
> > > We have the very same users groups and passwords in the
> > > NT Domain and in the
> > > samba Domain, our samba domain uses ldap for storage.
> >
> > It doesn't make sense to have same users in both domains.
>
> We make this because we are migrating the NT domain to a samba domain and
> this was the best option to make this transparent for users
>
> > >From samba's point of view users in different domains are
> >
> > not the same even though they have same username and
> > password. They will still have different SIDs.
> >
> > > Here is our nsswitch.conf
> >
> > (...)
> >
> > > passwd: files ldap
> > > group:  files ldap
> >
> > (...)
> >
> > > passwd_compat:  ldap winbind
> > > group_compat:   ldap winbind
> >
> > (...)
> >
> > Why do you put winbind at 'passwd_compat' instead of 'passwd'?
>
> I don't know I'm going to revise this, thanks


Well, teste with the winbind added behind passwd and group and now getent 
returns the NT Domain users and groups also, as you said.

getent shadow only returns the ldap shadows 


btw the wbinfo -a was not working because i was only seting an \ betwen the 
domain name and the user name, and must be \\. Now is working regardless the 
nsswitch setup

but the trust still does not work fine

Thanks again


-- 
Un saludo.

Carlos Lorenzo Matés.
clmates AT mundo-r DOT com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part.
Url : http://lists.samba.org/archive/samba/attachments/20080131/a1a85727/attachment.bin

More information about the samba mailing list